Results 1 to 9 of 9

Thread: Zimbra as a smtp relay for a domain

Hybrid View

  1. #1
    Join Date
    Dec 2012
    Posts
    6
    Rep Power
    3

    Default Zimbra as a smtp relay for a domain

    Hi everyone,
    First I would like to apologize if this is not the correct section. I am a newbie in Zimbra. Here is what I am looking for:
    I have a domain let say test.com. I have installed Zimbra server in the local office. The Zimbra is NATed to an external IP with hostname mail.test.com. I want to authenticate my domain with zimbra server, in other words to use zimbra as a SMTP relay, but to be open only for incomming mails from test.com.
    First I know that I have to add MX record for host - mail.test.com in the DNS where is the domain. I want to use it only for relayed e-mails from test.com
    The other strange thing I noticed is that I have tested server on its IP. Telnet to port 25 is ok, but when try to send mail via console all the mails are "Relay access denied" ?

    This is my first mail server installation and I am sorry if the questions are stupid.
    Any help is highly appreciated.
    Thanks in advance

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Quote Originally Posted by Todor View Post
    First I would like to apologize if this is not the correct section. I am a newbie in Zimbra. Here is what I am looking for:
    I have a domain let say test.com. I have installed Zimbra server in the local office. The Zimbra is NATed to an external IP with hostname mail.test.com. I want to authenticate my domain with zimbra server, in other words to use zimbra as a SMTP relay, but to be open only for incomming mails from test.com.
    I'm not really sure I understand what you mean by 'open', a relay or just to get mail delivered to the server?

    Quote Originally Posted by Todor View Post
    First I know that I have to add MX record for host - mail.test.com in the DNS where is the domain. I want to use it only for relayed e-mails from test.com
    I'm not sure I understand this either, perhaps it's related to my answer above?

    Quote Originally Posted by Todor View Post
    The other strange thing I noticed is that I have tested server on its IP. Telnet to port 25 is ok, but when try to send mail via console all the mails are "Relay access denied" ?
    Discussed many times in the forums and wiki: Split DNS and if you want to relay anything through your server you should use port 587 (which requires authentication) as the submission port not port 25.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    Join Date
    Dec 2012
    Posts
    6
    Rep Power
    3

    Default

    Thanks for the quick response!
    I have already defined MX record and tested it with MX Lookup Tool - Check your DNS MX Records online - MxToolbox. All the tests passed, but I try to send e-mail from console like:
    telnet mail.test.com 25
    mail from:webmaster@mail.test.com
    rcpt to:xyz@abc.com
    554 5.7.1 <xyz@abc.com>: Relay access denied.
    ......
    My idea is to send mail from host machine in the internet, which serves website "test.com" via smtp Zimbra server located somewhere. And how to tell Zimbra to accept inbound mails from worldwide and send(outbound) only ...@test.com ?
    I am afraid of someone to do not use my server as a spam relay.

  4. #4
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Quote Originally Posted by Todor View Post
    I have already defined MX record and tested ....
    If you are behind a NAT router you need a Split DNS set-up.


    Quote Originally Posted by Todor View Post
    My idea is to send mail from host machine in the internet, which serves website "test.com" via smtp Zimbra server located somewhere. And how to tell Zimbra to accept inbound mails from worldwide and send(outbound) only ...@test.com ?
    I've already given you the answer to that, if you want to relay mail through your Zimbra server then the 'client' needs to use Port 587 and authenticate.

    Quote Originally Posted by Todor View Post
    I am afraid of someone to do not use my server as a spam relay.
    They won't be able to do that, Zimbra by default is not an open relay.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  5. #5
    Join Date
    Dec 2012
    Posts
    6
    Rep Power
    3

    Default

    It was my mistake. Just to explain - first I need to allow MTA trusted networks for client host machine. Second I checked that my server outgoing ip is different (my firewall ip) => snat to the right ip . After that I checked that PTR record is missing => need to talk to ISP to add ptr to the DNS. Now everything works as I expect.
    Thanks for the help and guidelines!

  6. #6
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Quote Originally Posted by Todor View Post
    It was my mistake. Just to explain - first I need to allow MTA trusted networks for client host machine.
    Under no circumstances should you do that, you've just allowed another server to relay whatever it likes through your server. If that server gets compromised then it can relay spam through your Zimbra server without restriction - are you prepared for the consequences of that? Use the answer I gave you earlier and relay through port 587 with authentication.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

Similar Threads

  1. Replies: 4
    Last Post: 09-23-2012, 12:35 AM
  2. use another smtp relay for specific domain
    By sirio81 in forum Administrators
    Replies: 3
    Last Post: 08-06-2011, 01:54 AM
  3. smtp relay for external domain
    By djingo in forum Administrators
    Replies: 0
    Last Post: 06-24-2010, 07:47 AM
  4. Replies: 1
    Last Post: 05-27-2009, 02:07 PM
  5. Replies: 2
    Last Post: 10-10-2006, 01:45 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •